CN100367700C - Large scale digital live broadcast method based on digital right management - Google Patents

Large scale digital live broadcast method based on digital right management Download PDF

Info

Publication number
CN100367700C
CN100367700C CNB2004100625752A CN200410062575A CN100367700C CN 100367700 C CN100367700 C CN 100367700C CN B2004100625752 A CNB2004100625752 A CN B2004100625752A CN 200410062575 A CN200410062575 A CN 200410062575A CN 100367700 C CN100367700 C CN 100367700C
Authority
CN
China
Prior art keywords
module
digital content
user
client
bytes
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2004100625752A
Other languages
Chinese (zh)
Other versions
CN1588849A (en
Inventor
赵黎
李斌
杨士强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tsinghua University
Original Assignee
Tsinghua University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tsinghua University filed Critical Tsinghua University
Priority to CNB2004100625752A priority Critical patent/CN100367700C/en
Publication of CN1588849A publication Critical patent/CN1588849A/en
Application granted granted Critical
Publication of CN100367700C publication Critical patent/CN100367700C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention relates to a large scale digital direct broadcast method based on digital authority management, which belongs to the technical field of information transmission. Firstly, digital content is received and is enciphered; personal registration information of a user is received, and an identifier is generated; the user acquires a scheduler module address from a publish module; the users sends a scheduling request; the scheduler module sends a scheduling result to a client which initiates a service request to a direct broadcast module or a higher client, and the digital content is sent to the client by the direct broadcast module or the higher client; the client requests a license from a license issue module, and reproduces the digital content according to the license. The method of the present invention provides a direct broadcast service for users, the users can not directly obtain original digital content from enciphered digital content because the digital content of the direct broadcast is enciphered or a watermark is added, a content proprietor can control and manage the use of the content of the users through issuing licenses, and legal rights of the digital content proprietor are maintained.

Description

A kind of large scale digital live broadcast method based on digital rights management
Technical field
The present invention relates to a kind of large scale digital live broadcast method based on digital rights management (hereinafter to be referred as DRM), relate in particular to a kind of design of communication protocol that is used for the digital rights management of digital content between the live DRM system various piece, belong to the information dissemination technology field.
Background technology
The appearance of digital technology makes a large amount of contents occur with digitized forms and issue, and makes that the copy of the digital content speed that becomes is fast, and cost is low, and distortion is little.Be accompanied by Internet development, digital content data is propagated and is become very easy, and a lot of digital content datas are propagated by bootlegging, can not get control and management, thus infringement content owner's interests.Extensive live quick circulation way as a kind of digital content is just obtaining application more and more widely.The control and the management of the digital content under extensive live become a very important problem.Extensive live the interactive relation that participates between the live each side is very complicated because large-scale, and existing certain methods is not suitable for live on a large scale.The traditional encryption or the method for scrambling, can only control transmission course with managing digital content, in case digital content arrives in user's hand, control and management have just been lost to digital content, and the method for traditional encryption or scrambling have only the user to use to the control of content and management and cannot use two kinds may, poor selectivity.
Summary of the invention
The objective of the invention is to propose a kind of large scale digital live broadcast method based on digital rights management, by encrypting live digital content or the mode of adding watermark in live digital content, make that the user can't be from directly obtaining original digital content through the digital content after the encryption, by signing and issuing the mode of licence, make the content owner can the control and management different user to the use of the different modes of this content, prevent the illegal use of user to this content.
The large scale digital live broadcast method based on digital rights management that the present invention proposes may further comprise the steps:
(1) digital content processing module receiving digital contents, digital content is carried out encryption, to obtain three road signals, wherein the first via is the digital content after encrypting, be sent to live module, the second the tunnel be digital content brief introduction, digital content unique identifier and with the corresponding scheduler module of this unique identifier address, be sent to release module, Third Road be digital content unique identifier and with this encryption after the corresponding live module's address of digital content, be sent to scheduler module;
(2) authentication module receives user's individual log-on message, generates this user's unique identifier, and this user identifier is combined with public information in the individual log-on message, generates this user's identification identifier;
(3) user by client from the brief introduction of above-mentioned release module key numbers, and according to digital content brief introduction obtain required digital content unique identifier and with the corresponding scheduler module of this unique identifier address;
(4) user sends dispatch request according to the scheduler module address of above-mentioned steps (3) to this scheduler module, and sends the unique identifier of digital content and user's oneself identification identifier to it;
(5) after scheduler module is received dispatch request, user's identification identifier is sent to authentication module, authentication module is verified it, and will be verified that the result is recycled to scheduler module;
(6) scheduler module is checked and verified the result, if the result is not for passing through in checking, scheduler module refusing user's request then, if the result is for passing through in checking, then scheduler module is dispatched according to the unique identifier of the digital content that receives, and will be sent to client with the live module or the parent customer end address at digital content place after the corresponding encryption of the unique identifier of this digital content, preserve scheduling result simultaneously, parent customer end wherein is meant and carries out lively, can be the client that the client that is about to enter provides service simultaneously;
(7) client is initiated service request according to above-mentioned live module or parent customer end address to live module or parent customer end, unique identifier with User Identity symbol and digital content is sent to this live module or parent customer end simultaneously, to obtain digital content;
(8) live module or parent customer end are sent to scheduler module with the user's that receives the identification identifier and the unique identifier of digital content, the scheduling result comparison that scheduler module is preserved itself and above-mentioned steps (6), and the result of comparison is back to live module or parent customer end;
(9) comparison result received of live module or the inspection of parent customer end, if comparison result is not for passing through, the request of then live module or parent customer end refusal client, if comparison result is for passing through, then the unique identifier of the digital content that receives of basis provides digital content after the encryption to client;
(10) after client receives digital content after the encryption, search corresponding licence with this digital content, if no suitable licence, then the user initiates to sign and issue license request by client to the licensing module, selects to buy corresponding licence according to different situations;
(11) the licensing module is sent to authentication module with the User Identity symbol of receiving, authentication module is verified it, and will be verified that the result is recycled to the licensing module;
(12) the checking result that receives of licensing module check, if the result is not for passing through in checking, the then request of licensing module refusing user's, if the result is for passing through in checking, then identification identifier that sends over according to the user and user's demand are signed and issued licence, and licence original or the copy of signing and issuing is sent to client according to different situations, preserve this licence simultaneously;
(13) reproduce digital content after the encryption of receiving according to user's actual needs under the client right of in licence, permitting.
In the said method, the communication process between client and the authentication module comprises the steps:
(1) client is given an order to authentication module, the request PKI;
(2) authentication module sends response to client, receives the request of request PKI;
(3) authentication module sends PKI to client;
(4) client is sent response to authentication module, receives PKI;
(5) client sends with the temporary key behind the public key encryption to authentication module;
(6) authentication module sends response to client, receives the temporary key after the encryption;
(7) client sends with the individual log-on message after the temporary key encryption to authentication module;
(8) authentication module is received with the individual log-on message after the temporary key encryption to client end response;
(9) authentication module sends identification document to client;
(10) client responds to authentication module, receives identification document.
In the said method, the communication process between client and the scheduler module comprises the steps:
(1) client sends identify label and program number to scheduler module;
(2) scheduler module is received identify label and program number to client end response;
(3) scheduler module sends scheduling result to client;
(4) client responds to scheduler module, receives scheduling result.
In the said method, the communication process between client and live module or the parent customer end comprises the steps:
(1) client sends identify label and program number to live module or parent customer end;
(2) live module or parent customer end are received identify label and program number to client end response;
(3) live module or parent customer end send content to client.
In the said method, mutual communication process between client and the licence module comprises the steps:
(1) client sends identify label to the licence module;
(2) the licence module is received identify label to client end response;
(3) the licence module sends the possible attribute list of licence to client;
(4) client is received the possible attribute list of licence to the licence module responds;
(5) client sends the attribute list want the licence bought to the licence module;
(6) the licence module is to client end response, receives the attribute list of wanting the licence bought;
(7) the licence module sends licence to client;
(8) client is received licence to the licence module responds.
In the said method, mutual communication process between live module or parent customer end and the scheduler module comprises the steps:
(1) live module or parent customer end send User Identity and program number to scheduler module;
(2) scheduler module is received User Identity and program number to live module or the response of parent customer end;
(3) scheduler module sends the checking result to live module or parent customer end;
(4) live module or parent customer end respond to scheduler module, receive the checking result.
In the said method, mutual communication process between scheduler module and the authentication module comprises the steps:
(1) scheduler module sends User Identity to authentication module;
(2) authentication module responds to scheduler module, receives User Identity;
(3) authentication module sends authentication result to scheduler module;
(4) scheduler module responds to authentication module, receives authentication result.
In the said method, mutual communication process between licence module and the authentication module comprises the steps:
(1) the licence module sends User Identity to authentication module;
(2) authentication module is received User Identity to the licence module responds;
(3) authentication module sends authentication result to the licence module;
(4) the licence module responds to authentication module, receives authentication result.
The large scale digital live broadcast method that the present invention proposes based on digital rights management, be used for providing direct broadcast service to the user, in service process, live digital content is encrypted, make that the user can't be from directly obtaining original digital content through the digital content after the encryption, by signing and issuing the mode of licence, make the content owner can the control and management user to the use of this content, prevent the illegal use of user to this content.And when the user preserves digital content, add user-dependent unique watermark, in order to follow the tracks of digital content.Use key sequence to encrypt digital content, the digital content anti-attack of robust more after feasible the encryption.The use of licence offers the user and more selects, and can select to buy less right with lower cost, also can select to buy more right with more cost.
Description of drawings
Fig. 1 is the FB(flow block) of the inventive method.
Fig. 2 is the detail flowchart of the inventive method.
Embodiment
Among Fig. 1, the 1st, digital content is sent to encryption processing module; The 2nd, encryption processing module is handled the original contents of receiving, the content after generate encrypting is sent to live module then, and the brief information etc. that generates content simultaneously is sent to release module and unique identifier etc. and is sent to scheduler module; The 3rd, the user to authentication module enrollment status, identifies this user identification identifier in system to obtain one by client; The 4th, authentication module returns user's identification identifier to client; The 5th, the user obtains live information by client to release module; The 6th, release module is returned live information to client; The 7th, the user by client to the service of scheduler module request scheduling; The 8th, scheduler module is brought the user by client identification identifier is sent to the authentication module checking; The 9th, authentication module is sent back to scheduler module to the result of checking; The 10th, scheduler module is dispatched, and the result of scheduling is returned to client; The 11st, the user serves to live module or the request of parent customer end by client; The 12nd, live module or parent customer end are investigated this user to scheduler module, see whether be the result of scheduler module scheduling; The 13rd, scheduler module is returned the result of verification to live module or parent customer end; The 14th, live module or parent customer end provide service to client; The 15th, the user by client to the licensing module card that asks for permission; The 16th, the licensing module is to authentication module requests verification user's identity; The 17th, authentication module returns the result of checking to the licensing module; The 18th, the licensing module is signed and issued licence and is given the user; 19 clients are reproduced shielded content according to the licence that the user buys.
The present invention proposes a kind ofly is used for communication process between live each module of DRM system, may further comprise the steps:
Agreement between licence module and the authentication module is to be used for the identity of licence module to authentication module requests verification user.The user is to the licence module card that asks for permission, and the licence module must know that whether legal this user effectively, whether responds this user's request with decision, provides service to him.The licence module sends to its ask for permission identify label of user of card to authentication module.The identity of authentication module authenticated user, and authentication result sent to the licence module.
Agreement between scheduler module and the authentication module is to be used for the identity of scheduler module to authentication module request authentication user.Scheduler module is received the user's that certain client is sent identify label, and it must know whether this user is legal effective.At first, the scheduler module user's that it is received to the authentication module transmission identify label.Then, the identity of authentication module authenticated user, and authentication result sent to scheduler module.
Agreement between live module or parent customer end and the scheduler module is to be used for live module or the parent customer end identity to scheduler module requests verification user.The user is to live module or parent customer end request service, and live module or parent customer end must know that whether this user is legal effective, to determine whether to respond this user's request, provides service to him.At first, live module or parent customer end send to the client of its request service to scheduler module and issue its User Identity and program number.Then, scheduler module checking user's identity and program number are seen whether be the result who oneself dispatches, and the result of checking are sent to live module or parent customer end.
Agreement between client and the licence module is to be used for client to the licence module card that asks for permission.The live content that client is received from live module or parent customer end is shielded.If the user wants this content is carried out various operations, it must have corresponding licence.If there is not corresponding licence, the user will be to the licence module card that asks for permission so.At first, client sends user's identify label to the licence module.Then, licence module verification user's identity, if legal effective, the licence module is just issued client to the possible attribute list of licence so.The user selects to want the attribute list of the licence bought, then it is sent to the licence module.The licence module just according to the attribute list of the licence of receiving, is signed and issued a corresponding licence, and licence is sent to the user.
Agreement between client and live module or the parent customer end is to be used for client to live module or parent customer end request direct broadcast service.At first, client sends user's identify label and he to live module or parent customer end and wants the program watched.Then, live module or parent customer end checking user's identity, if legal and be the scheduler module scheduling really, so live module or parent customer end just provide direct broadcast service to client, and shielded content is sent to client.
Agreement between client and the scheduler module is to be used for client to the service of scheduler module request scheduling.Client gets up to obtain the live module of direct broadcast service or the address list of parent customer end can be provided by dispatch service.At first, client sends user's identify label and he to scheduler module and wants the program watched.Then, scheduler module checking user's identity, if legal, scheduler module is just dispatched so, and the result of scheduling is sent to client.
Agreement between client and the authentication module is to be used for the user from the identity of client to authentication module registration oneself.The user wants to watch live program, and he must arrive first the authentication module registration, submits individual's detailed log-on message to authentication module, to become the validated user of system.At first, client sends a request to authentication module, and the request authentication module sends to client to its PKI.Then authentication module sends to client to the PKI of oneself.Client generates an interim key, use the PKI of receiving to encrypt this interim key then, encrypt individual's detailed log-on message simultaneously with this temporary key, then temporary key after encrypting and the individual's after the encryption log-on message is sent to authentication module.At last, authentication module uses ciphertext that the private key of oneself deciphers the temporary key of the receiving temporary key with the detailed log-on message that obtains being used for encrypting user, use personal information that the temporary key decipher out comes the user behind the enabling decryption of encrypted obtaining user's personal information then, and generate a unique identification number for this user.Then to a part of log-on message of user, some information of authentication module, and user's unique identifying number is issued the user with after forming user's identify label after the private key signature of authentication module.The identity of user in whole live broadcast system just come unique definite by his identify label.
In the communication process between each functional module of the inventive method, command format is: command header+command body, and wherein the form of command header and length are fixed, and the form of command body is different and different with what order with length.
Command header form in the said process is as follows:
Order ID Integer (four bytes) Be used for tabbing command
Order length Integer (four bytes) Be used for indicating the length of command body
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
In the said method, the communication process between client and the authentication module comprises the steps:
(1) client is given an order to authentication module, the request PKI, and command format is as follows;
Order ID Integer (four bytes) 0x00000001
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(2) authentication module sends response to client, receives the request of request PKI, and command format is as follows;
Order ID Integer (four bytes) 0x80000001
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(3) authentication module sends PKI to client, and command format is as follows;
Order ID Integer (four bytes) 0x00000002
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) PKI, the byte number that takies is relevant with using public-key length, is indicated by content-length
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(4) client is sent response to authentication module, receives PKI, and command format is as follows;
Order ID Integer (four bytes) 0x80000002
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(5) client sends with the temporary key behind the public key encryption to authentication module, and command format is as follows;
Order ID Integer (four bytes) 0x00000003
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) Temporary key behind the public key encryption, the byte number that takies is relevant with the length of length that is used public-key and temporary key, is indicated by content-length
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(6) authentication module sends response to client, receives the temporary key after the encryption, and command format is as follows;
Order ID Integer (four bytes) 0x80000003
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(7) client sends with the individual log-on message after the temporary key encryption to authentication module, and command format is as follows;
Order ID Integer (four bytes) 0x00000004
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) After temporary key is encrypted, the byte number that takies is relevant with using public-key length, is indicated by content-length
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(8) authentication module receives that to client end response command format is as follows with the individual log-on message after the temporary key encryption;
Order ID Integer (four bytes) 0x80000004
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(9) authentication module sends identification document to client, and command format is as follows;
Order ID Integer (four bytes) 0x00000005
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(10) client responds to authentication module, receives identification document, and command format is as follows.
Order ID Integer (four bytes) 0x80000005
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
In the said method, the communication process between client and the scheduler module comprises the steps:
(1) client sends identify label and program number to scheduler module, and command format is as follows;
Order ID Integer (four bytes) 0x00000006
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length
Program number Integer (four bytes) Program number
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(2) scheduler module is received identify label and program number to client end response, and command format is as follows;
Order ID Integer (four bytes) 0x80000006
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(3) scheduler module sends scheduling result to client, and command format is as follows;
Order ID Integer (four bytes) 0x00000007
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) Scheduling result, the byte number that takies is relevant with the form of scheduling result, is indicated by content-length
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(4) client responds to scheduler module, receives scheduling result, and command format is as follows.
Order ID Integer (four bytes) 0x80000007
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
In the said method, the communication process between client and live module or the parent customer end comprises the steps:
(1) client sends identify label and program number to live module or parent customer end, and command format is as follows;
Order ID Integer (four bytes) 0x00000008
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length
Program number Integer (four bytes) Program number
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(2) live module or parent customer end are received identify label and program number to client end response, and command format is as follows;
Order ID Integer (four bytes) 0x80000008
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(3) live module or parent customer end send content to client, and command format is as follows.
Order ID Integer (four bytes) 0x00000009
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) Digital content, the byte number that takies is indicated by content-length
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
In the said method, mutual communication process between client and the licence module comprises the steps:
(1) client sends identify label to the licence module, and command format is as follows;
Order ID Integer (four bytes) 0x00000010
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(2) the licence module is received identify label to client end response, and command format is as follows;
Order ID Integer (four bytes) 0x80000010
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(3) the licence module is to the possible attribute list of client transmission licence, and command format is as follows;
Order ID Integer (four bytes) 0x00000011
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) The possible attribute list of licence, the byte number that takies is relevant with the attribute column tableau format, is indicated by content-length
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(4) client is received the possible attribute list of licence to the licence module responds, and command format is as follows;
Order ID Integer (four bytes) 0x80000011
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(5) client sends the attribute list want the licence bought to the licence module, and command format is as follows;
Order ID Integer (four bytes) 0x00000012
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) Want the possible attribute list of the licence bought, the byte number that takies is relevant with the attribute column tableau format, is indicated by content-length
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(6) the licence module is to client end response, receives the attribute list of wanting the licence bought, and command format is as follows;
Order ID Integer (four bytes) 0x80000012
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(7) the licence module sends licence to client, and command format is as follows;
Order ID Integer (four bytes) 0x00000013
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) Licence, the byte number that takies is relevant with the form of licence, is indicated by content-length
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(8) client is received licence to the licence module responds, and command format is as follows.
Order ID Integer (four bytes) 0x80000013
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
In the said method, mutual communication process between live module or parent customer end and the scheduler module comprises the steps:
(1) live module or parent customer end send User Identity and program number to scheduler module, and command format is as follows;
Order ID Integer (four bytes) 0x00000014
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length
Program number Integer (four bytes) Program number
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(2) scheduler module is received User Identity and program number to live module or the response of parent customer end, and command format is as follows;
Order ID Integer (four bytes) 0x80000014
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(3) scheduler module sends the checking result to live module or parent customer end, and command format is as follows;
Order ID Integer (four bytes) 0x00000015
Authentication result Integer (four bytes) The checking result
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(4) live module or parent customer end respond to scheduler module, receive the checking result, and command format is as follows.
Order ID Integer (four bytes) 0x80000015
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
In the said method, mutual communication process between scheduler module and the authentication module comprises the steps:
(1) scheduler module sends User Identity to authentication module, and command format is as follows;
Order ID Integer (four bytes) 0x00000016
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(2) authentication module responds to scheduler module, receives User Identity, and command format is as follows;
Order ID Integer (four bytes) 0x80000016
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(3) authentication module sends authentication result to scheduler module, and command format is as follows;
Order ID Integer (four bytes) 0x00000017
Authentication result Integer (four bytes) Authentication result
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(4) scheduler module responds to authentication module, receives authentication result, and command format is as follows.
Order ID Integer (four bytes) 0x80000017
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
In the said method, mutual communication process between licence module and the authentication module comprises the steps:
(1) the licence module sends User Identity to authentication module, and command format is as follows;
Order ID Integer (four bytes) 0x00000018
Content-length Integer (four bytes) The length of content field
Content Character type (length equals content-length) Identify label, the byte number that takies is relevant with the form of identify label, is indicated by content-length
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(2) authentication module is received User Identity to the licence module responds, and command format is as follows;
Order ID Integer (four bytes) 0x80000018
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(3) authentication module sends authentication result to the licence module, and command format is as follows;
Order ID Integer (four bytes) 0x00000019
Authentication result Integer (four bytes) Authentication result
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null
(4) the licence module responds to authentication module, receives authentication result, and command format is as follows.
Order ID Integer (four bytes) 0x80000019
Reserved word 1 Integer (four bytes) Keep null
Reserved word 2 Integer (four bytes) Keep null

Claims (1)

1. large scale digital live broadcast method based on digital rights management is characterized in that this method may further comprise the steps:
(1) encryption processing module receiving digital contents, digital content is carried out encryption, to obtain three road signals, wherein the first via is the digital content after encrypting, be sent to live module, the second the tunnel be digital content brief introduction, digital content unique identifier and with the corresponding scheduler module of this unique identifier address, be sent to release module, Third Road be digital content unique identifier and with this encryption after the corresponding live module's address of digital content, be sent to scheduler module;
(2) authentication module receives user's individual log-on message, generates this user's unique identifier, and this user identifier is combined with public information in the individual log-on message, generates this user's identification identifier;
(3) user by client from the brief introduction of above-mentioned release module key numbers, and according to digital content brief introduction obtain required digital content unique identifier and with the corresponding scheduler module of this unique identifier address;
(4) user sends dispatch request according to the scheduler module address of above-mentioned steps (3) to this scheduler module, and sends the unique identifier of digital content and user's oneself identification identifier to it;
(5) after scheduler module is received dispatch request, user's identification identifier is sent to authentication module, authentication module is verified it, and will be verified that the result is recycled to scheduler module;
(6) scheduler module is checked and verified the result, if the result is not for passing through in checking, scheduler module refusing user's request then, if the result is for passing through in checking, then scheduler module is dispatched according to the unique identifier of the digital content that receives, and will be sent to client with the live module or the parent customer end address at digital content place after the corresponding encryption of the unique identifier of this digital content, preserve scheduling result simultaneously;
(7) client is initiated service request according to above-mentioned live module or parent customer end address to live module or parent customer end, unique identifier with User Identity symbol and digital content is sent to this live module or parent customer end simultaneously, to obtain digital content;
(8) live module or parent customer end are sent to scheduler module with the user's that receives the identification identifier and the unique identifier of digital content, the scheduling result comparison that scheduler module is preserved itself and above-mentioned steps (6), and the result of comparison is back to live module or parent customer end;
(9) comparison result received of live module or the inspection of parent customer end, if comparison result is not for passing through, the request of then live module or parent customer end refusal client, if comparison result is for passing through, then the unique identifier of the digital content that receives of basis provides digital content after the encryption to client;
(10) after client receives digital content after the encryption, search corresponding licence with this digital content, if no suitable licence, then the user initiates to sign and issue license request by client to the licensing module, selects to buy corresponding licence according to different situations;
(11) the licensing module is sent to authentication module with the User Identity symbol of receiving, authentication module is verified it, and will be verified that the result is recycled to the licensing module:
(12) the checking result that receives of licensing module check, if the result is not for passing through in checking, the then request of licensing module refusing user's, if the result is for passing through in checking, then identification identifier that sends over according to the user and user's demand are signed and issued licence, and licence original or the copy of signing and issuing is sent to client according to different situations, preserve this licence simultaneously;
(13) digital content after the encryption that reproduction is received according to user's actual needs under the right that client is permitted in licence.
CNB2004100625752A 2004-07-02 2004-07-02 Large scale digital live broadcast method based on digital right management Expired - Fee Related CN100367700C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2004100625752A CN100367700C (en) 2004-07-02 2004-07-02 Large scale digital live broadcast method based on digital right management

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2004100625752A CN100367700C (en) 2004-07-02 2004-07-02 Large scale digital live broadcast method based on digital right management

Publications (2)

Publication Number Publication Date
CN1588849A CN1588849A (en) 2005-03-02
CN100367700C true CN100367700C (en) 2008-02-06

Family

ID=34603726

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2004100625752A Expired - Fee Related CN100367700C (en) 2004-07-02 2004-07-02 Large scale digital live broadcast method based on digital right management

Country Status (1)

Country Link
CN (1) CN100367700C (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101582876A (en) * 2008-05-12 2009-11-18 华为技术有限公司 Method, device and system for registering user generated content (UGC)
CN101729176B (en) * 2008-10-22 2012-10-03 华为技术有限公司 Method, system and device for synchronizing authentication information in broadcasting service
CN101827108B (en) * 2010-05-12 2012-10-10 清华大学 Method for describing and acquiring right object of digital work in digital right management

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1335557A (en) * 2000-07-03 2002-02-13 株式会社日立制作所 Data display method and system
WO2002035426A1 (en) * 2000-10-25 2002-05-02 Lightning Source, Inc. Fulfilling a request for an electronic book
WO2003045036A2 (en) * 2001-11-15 2003-05-30 General Instrument Corporation Key management protocol and authentication system for secure content delivery over the internet

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1335557A (en) * 2000-07-03 2002-02-13 株式会社日立制作所 Data display method and system
WO2002035426A1 (en) * 2000-10-25 2002-05-02 Lightning Source, Inc. Fulfilling a request for an electronic book
WO2003045036A2 (en) * 2001-11-15 2003-05-30 General Instrument Corporation Key management protocol and authentication system for secure content delivery over the internet

Also Published As

Publication number Publication date
CN1588849A (en) 2005-03-02

Similar Documents

Publication Publication Date Title
CN101043319B (en) Digital content protective system and method
CN1327373C (en) Method of protecting and managing digital contents and system for using thereof
JP4750352B2 (en) How to get a digital license for digital content
CN102057382B (en) Temporary domain membership for content sharing
RU2352985C2 (en) Method and device for authorisation of operations with content
CN100399225C (en) Method for determining use permission of information and content distribution system using the method
CN100353273C (en) Divided rights in authorized domain
US20040225884A1 (en) Electronic signature system and method
US8359473B1 (en) System and method for digital rights management using digital signatures
JP4548441B2 (en) Content utilization system and content utilization method
WO2006109982A1 (en) License data structure and license issuing method
JP2004046790A (en) System for digital contents protection and management
CN1961270A (en) License management in a privacy preserving information distribution system
CN1937495A (en) Digital copyright protection method and system for media network application
JP4561146B2 (en) Content distribution system, encryption apparatus, encryption method, information processing program, and storage medium
Zhang et al. Using blockchain to protect personal privacy in the scenario of online taxi-hailing
CN101189633A (en) Method and apparatus for authorizing rights issuers in a content distribution system
US20170024551A1 (en) System, method and apparaturs for securely distributing content
CN103237010B (en) The server end of digital content is cryptographically provided
KR20210037274A (en) Apparatus and method for managing contents
CN112163191A (en) Education resource sharing method and system based on national secret block chain
JP3956106B2 (en) Computer apparatus and program
CN1371059A (en) Data releasing system
CN101425112A (en) Digital exequatur sending system and digital work decipher operation method
CN101501724A (en) Rights management system for streamed multimedia content

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20080206

Termination date: 20210702